Award-winning news, views, and insight from the ESET security community

European Parliament switches off Wi-Fi after hacker breaks into politicians’ emails

The European Parliament has switched off its public Wi-Fi system after an anonymous hacker broke into the personal emails of several Members of the European Parliament (MEPs) from outside the building, using only a laptop.

The European Parliament has switched off its public Wi-Fi system after an anonymous hacker broke into the personal emails of several Members of the European Parliament (MEPs) from outside the building, using only a laptop.

The European Parliament has switched off its public Wi-Fi system after an anonymous hacker broke into the personal emails of several Members of the European Parliament (MEPs) from outside the building, using only a laptop.

French news outlet Mediapart quotes the anonymous hacker as saying, “It was child’s play,” and that his attack required only “a few bits of knowledge that everyone is capable of finding on the internet.” The attacker was also able to access email accounts owned by IT staff.

A spokesperson said that the Parliament was “concerned” by the vulnerability, according to a report by Euractiv, and quoted the hacker as saying his goal was simply to raise awareness of the vulnerability. He was able to access the data from a public place in Strasbourg, near the Parliament building, Euractiv reports.

The Register reports that staff at the Parliament suspect that the attack used a fake Wi-Fi network built to mimic the real public network. “We understand that IT staff in the EU Parliament are working on the theory that the hacker set up a rogue Wi-Fi network that mimicked the EU Parliament’s real system,” John Leyden wrote.

Marjory Van den Broeke, the Parliament’s IT spokesperson said, “It’s a technical issue, depending on the outcome of the investigation, we’ll see if and what measures should be taken,” she told Euractiv. Van den Broeke said that convincing users to access fraudulent Wi-Fi networks “is seen everywhere in the world”.

A statement quoted by The Register said, “The Parliament has been subject for a man-in-the-middle attack, where a hacker has captured the communication between private smartphones and the public Wi-Fi of the Parliament (EP-EXT Network).

“The consequence is that some individual mailboxes have been compromised. All concerned users have already been contacted and asked to change their password. As a precaution, the Parliament has therefore decided to switch-off the public Wi-Fi network until further notice.”